Posted
by
CmdrTacoon Monday July 02, 2007 @08:44AM
from the sounds-suspiciously-like-reading dept.

Gary writes "A new online authentication system called Dynahand could make logging in to websites a little easier. With Dynahand, users simply identify their own handwriting, instead of entering a cryptic password or buying a biometric device to scan their fingerprints. The user's handwriting samples contain only digits, since numerals are harder for an outside party to recognize than letters are. The digits displayed are random, so the handwriting is the only clue to the correct answer."

It's a bad call if it's the only authentication entry, but if it's in addition to something else it might be good. Many banks seem to be going for the 'something you know, and something you recognize' auth motif (banking as one example, where you recognize and identify a preselected word or graphic.) Maybe soon for really secure accounts, we'll have a fairly painless set of layers, ala: something you have - the random PIN cards, something you know - pword, something you i.d. - (handwriting/picture/word)?

It's a bad call if it's the only authentication entry, but if it's in addition to something else it might be good. Many banks seem to be going for the 'something you know, and something you recognize' auth motif

My bank does this, but it's not to authenticate me -- rather it's so I can authenticate them as really being my bank and not a phishing site. TFA is talking about asking you to recognize something to prove who *you* are.

The last bit ("something you I.D.") seems marginally useful for identifying the I.D. challenger, but for identifying the one being challenged, it seems a bit useless. For example, my bank shows me one pre-chosen image from a potentially infinite set (I could upload any arbitrary image) to "prove" I'm still talking to them. Even for that, it's only marginally useful as the man-in-the-middle attack it seeks to thwart could easily be foiled by a man-on-the-inside. Bottom line is it is at worst a 1:n chance if

I'm definitely a member of that crowd. It gets pretty bad when it feels like you have forgotten how to write... I mean it sort of comes back, but legibility is so bad that it has people wondering if I am actually literate.

Handwriting and penmanship may well become one of the most important losses in modern civilization.

I agree completely. Combine that with someone who is left-handed, and you have someone who gets complaints from the bank when he signs his checks (because the signature keeps changing). I use online checking now, so I only have to sign a check about once every 6 months now.You would also have to scan my handwriting in by hand, as I can't write at all on those electronic pen pads for credit card purchases. The stylus slides all over the surface, producing something that looks nothing at all like my hand-writ

I remember a friend of mine breaking his wrist while wrestling. He had to learn how to write left handed for the duration. Believe it or not, his writing was notably different in each of four stages: pre-break, immediately post-break, later when he was getting used to the southpaw thing, and after it was healed and he could start writing right-handed again. There are other problems with this password system than some people just suck at writing.

Which is why I brought up my friend with four distinct handwriting 'templates' across a couple months. There are a lot of ways to change your handwriting out of tolerances, assuming tolerances aren't so slack that they don't mean anything anyway. Broken finger, sprained wrist, dislocated shoulder, tennis elbow, allergic reactions, cuts, or even holding a pen/pencil/stylus of a different width.

This technology not only is not mature, but can likely never be made useful.

Renaud doesn't think Dynahand is secure enough for protecting sensitive information, such as bank accounts or health records. Rather, she believes it could be useful for social sites, where a user wants her account to be private but where nothing disastrous would happen if someone broke into it.

The folks at Dynahand obviously don't know how bad hijacking someone's social network identity could be. While not as sensitive as banking or medical information, access to one's online profile is a pretty sensitive thing. A person pretending to be you on MySpace or Facebook could cause all kinds of damage to your reputation, lose you (real) friends, and leave an incriminating trail for any future employer to find. Even if you are able to regain control of your account via customer service, and could remove the offending material from your page, nothing is every really deleted from the Internet.

If you are basing your "reputation" on your Myspace of Facebook site, I can tell you that your "reputation" is already damaged... Anyone who uses their full name on a social site needs to get their head examined.

Because you can be discriminated against by potential - employers, friends, parents, lovers, etc. if they read something they find distasteful on your site - something you may or may not have even posted yourself. I even know someone who works as an apartment rental manager and he always looks on Myspace pages of potential renters to get an idea of what they are like. The ability to use such "social sites" as tools for illegal discrimination is definitely there, and being used already. I don't use my real f

Why bother? My desk is covered with my clearly recognizable scrawl, and most of it is numeric just to add insult to injury.

While the idea of a system that depends on recognition is interesting (though in my mind, not terribly secure for the exact reason you stated), handwriting is probably the poorest example because we leave handwriting samples everywhere. It'd be much more secure to have the system be "Recognize a picture of your own genitalia" because at least then you only have to worry about former significant others...And hell, for this crowd, you don't even have to worry about that.

It'd be much more secure to have the system be "Recognize a picture of your own genitalia" because at least then you only have to worry about former significant others...

Why do you hate nudists and porn stars?

...And hell, for this crowd, you don't even have to worry about that.

Speak for yourself, I'm quite positive that several hundred people have seen my genitalia. Though I'm not sure they got a good enough look to be able to identify me in the short time my trenchcoat was open.

An even better system would be to select a semi-random series of numbers, letters, and punctuation, that we could key in to uniquely identify ourselves...We could call it a "Secret Word" or a "Pass phrase" or something. "Password?" Nah. Not catchy enough.

I could recognize my parents' handwriting easily. (All that time practicing writing notes from them for the teacher to let me out of class early, you know.) But my dad's secretary would be even better at recognizing his. She's the only one who could reliably interpret it, after all. Sure, that'd be an advantage to this system if you're the sort who gives your secretary your passwords anyways, but what if just maybe the secretary isn't supposed to have access to your confidential personnel files?

An attacker could simply select a hand writing at random till they get the right one.

Even easier than that.. analyze all options given, guess at random then when round #2 starts simply pick the one that matches a sample from round #1 if it's a string of numbers there should be enough numbers displayed to at least find one or two digits in common, and if they happen to show you one or more of the same alternatives displayed in round one you have at least one set you know it wont be (because you tried and f

Not to mention that as soon as someone peeks over your shoulder you have to change your handwriting? Isn't easier to change a silly stream of numbers? This is not as bad as someone cracking the stream for your finger print identity.

That wouldn't be much different from "Site key" style two-factor authentication schemes. It's still just a matter of guessing to crack it, and you could program a computer to guess slower, or get a person to guess more quickly.I have distinctive handwriting, but it would still take me a few seconds (as long or longer than it takes me to type my average 10 character password) to identify my own handwriting out of a random selection of a dozen or two decoy samples.

As novel as this whole handwriting angle is, doesn't this just amount to a multiple-choice test? There's always the off-chance of some random stranger getting in by sheer luck.

Additionally, that's not taking into account the massive amounts of ways someone could get samples of your handwriting. Besides the obvious garbage-picking, things like tax returns, property deeds, or other legal forms can often be public information, and there's a good chance you've written numbers on one at some point.

> There's always the off-chance of some random stranger getting in by sheer luck.

Especially if the stranger is using proxied bots to guess ten times a second.
Assuming a generously extravagant implementation, you might have to correctly choose from 100 handwriting samples to log in. An attacker appears to be you on average 1 time in 100.
Assuming a very weak password system, six characters, all lower case, no numbers or special characters, then your password is 1 among 26^6 possible passwords. An a

I am not a cracker. I am not a phisher. I do not try to get into random people's accounts.

I can't help thinking that IF I ever did try to get into someone else's account, it would be to spy on or get revenge on someone I know. (Really, that isn't something I do. This is a big IF). In those cases, this would surely be so much easier. For example, I am sure I would recognise my family's handwriting.

I certainly remember, when I was a secondary school maths teacher, having to work out who had produces a certain piece of work by recognising the handwriting. Obviously, being maths work, this usually involved recognising digits.

Passwords actually strike me as quite a good security method. A good password is difficult to guess by a person or by a machine and is very simple to implement, leaving less margin for error in the technology.

I know, I know, people forget their passwords or choose the word "password" all the time. It still seems a little depressing that we have to use all this extra trickery to compensate for people being morons.

I know, I know, people forget their passwords or choose the word "password" all the time. It still seems a little depressing that we have to use all this extra trickery to compensate for people being morons.

Users aren't always just morons. I know a person who has to keep track of 9 unique passwords with at least 3 different usernames, most of which are used once a week or less. All the systems have minimum length and complexity requirements, 90-day expiration and permanent lock-out if an account gets just three failed logins in a row. In his case it is potentially a go to jail offense to write down these passwords ANYWHERE, even in some sort of encrypted form.

In cases like that, the real morons are the people pushing their authentication complexity onto the users, not the users themselves.

I see your point, although I guess your friend must be an unusual case.

I think you can get keyrings that manage your passwords for you, generating new ones when needed and with a single sign-on. From what you say, they might be out of bounds for your friend's job, but it sounds as though they should certify some sort of assistance technology to make their job possible...

Even if users wheren't morons, passwords are nearing the end of (if not already past) the end of their usefulness.Brute-force crackers gets stronger all the time. The number of accounts a typical user has grows all the time, and the ability to remember passwords don't. 64 bit keys aren't really secure anymore, and that is a truly-random 8-character password, or a truly random 12-character password consisting of lower UPPER and numeric characters. Could you remember a dozen different passwords of the type Qw

I can't remember a dozen different passwords, but I use Password Safe to create passwords for my logins all the time - I only have to refer back to pwsafe a few times before the password seems burned into muscle memory....

Of course, I use at most 2 upper case, and at most 3 numerics in an 8 character password, so that helps a little.

I know, I know, people forget their passwords or choose the word "password" all the time. It still seems a little depressing that we have to use all this extra trickery to compensate for people being morons.

We don't. Just let them be morons and suffer the consequences of being morons. If
it gets to be that they don't like it, maybe they'll change. If they don't,
it's not anybody else's responsibility to fix their problems for them.

One of the things that buggers me about online security is that it's an "all or nothing" game. All it takes to defeat most security systems is a SINGLE compromise.A single memory buffer problem can frequently lead to 100% system compromise. A single firewall penetration frequently means total access to the network. Can a security system be devised that requires multiple compromises to effect a system compromise?

Passwords actually strike me as quite a good security method. A good password is difficult to gue

1. It's a shared secret. That's all. I was going to say "no better, no worse", but actually it's made significantly worse by being multiple choice.2. Doesn't prevent MITM in any way whatsoever

Now the biometric of someone's typing rythm strikes me as a good thing, along with "PC fingerprinting" and trend analysis, but this suggestion is significantly worse than what we already have available on the market.

My hands are in varying states of pain on most days as a result of too much hard contact over the years. Some days I type as fast as anyone I know, other days I am slow.Most people who have participated in contact training for more than a couple years have this same condition to one degree or another.

Stick with strong passwords. At least then only two classes of people are negatively impacted: users who can't be bothered, and users who deal with onerous security requirements related to multiple passwords

how on earth did anyone ever think this was a good idea? Finding samples of someone having written down numbers is not hard by any stretch of the imagination. As someone already pointed out, simply asking someone to write down a phone number for you, not even necessarily theirs, would get you such a sample. Sometimes people can be pretty dumb.

Almost 15 years ago, I was working on a demo system for a more secure way of issuing benefit payments (at the time, the payee had a paper booklet, and there was quite a lot of trouble with stolen booklets). We investigated what we could practically put on a smart card (similar type of smart card as what is in modern credit cards). One of the things we investigated was signature recognition.

We had a system that did it extremely well, well enough that we never managed to forge another person just signing with an "X". The system not only looked at the shape of the writing, but the way the person wrote - the speed, accelerations, stroke weight etc. The genuine user could be recognised even if they signed fairly scruffily (the system didn't return 'true' or 'false', but rather a confidence). However, another person even if they signed their X to LOOK as much as the original person's X looked would get a very low confidence score.

This was almost 15 years ago - the technology was pretty damned good (but quite expensive) at the time. We managed to get the signature, the person's details and a photograph onto the smart cards of the day (I think they had 8K of storage). The signature took up 1K.

The problem with that method is that it'll work well only so long it's not widely used. The security of this relies on one thing only: That people have restricted access to the system. The "password" itself isn't secret.

So suppose I'm the sysadmin at a small company, and you use this for opening a door or something like that. If the system is under my control I can easily practice all I want with it, then duplicate your signature on an ATM or whatever else uses the system.

(didn't RTFA)As the sole means of access, you are right it's a ridiculous idea.

However, as a combination of the account number, the password and this thing... it acts as a captcha AND it helps the organization identify the user (who might be at a public terminal, or on a different OS or whatever) in a way that is much harder for a keylogger or infected computer to track.

For example, given time, my login and "personal question" answers can get logged by an infected machine and used.

Nope. It'll take some practice, but you can use your left hand (assuming you're a righty) for scrawling totals. Alternatively, you can stave off dementia by doing the arithmetic in your head... (not a jab at you--but for me it's a non-trivial matter) 8)

They should instead be requiring the use of a graphics tablet or Tablet PC and requiring the user to write a given number sequence --- then they get the additional input of speed, pressure, stroke order / direction which makes things reasonably secure (even a person who can forge another's writing isn't likely to get all of the above as consistent as a person using their normal hand).Doesn't even require much more from the user in the way of hardware (trades off a scanner for a graphics tablet).

...they get the additional input of speed, pressure, stroke order / direction...

Requiring kinesiometric data is always a bad idea because it leads to too many false denials. If the person injures their writing hand then they can't write the password the same way as before. It also assumes that the person always writes the character the same way all the time. For example, sometimes I write an upper case "E" by drawing the three horizontal lines followed by the vertical line. Sometimes I'll do the verti

Back in the late 80's, a UK bank did some R&D on this area and came up with a novel idea. It was signature recognition BUT rather than analysing the actual signature, it 'listened' to the pen on the paper as it moved. They found that anyone (well.. some people anyway) could do a fair replication of someone else's signature if they went slowly but it was almost impossible to recreate someone's signature at the same speed and with the same pressure/flourishes.
In case anyone reads this and copyrights the damn thing, there is prior art and it worked. They just didn't think the market was ready for it.

... You get an injury that makes your hand writing change, like a bad break in the hand, or a stroke or something? I am sure you could answer the secret question or whatever, but you have to ask, how consistent is handwriting that a program could use it to authenticate a person?

wouldn't it be more effective to have the computer recognize my handwriting, i.e. I write something and the computer goes "yep, thats the guy"? That way, the computer would know it was me w/o a password, and it wouldn't just be multiple choice or whatever. Of course, handwriting recognition is really, really hard to do quickly and effectively enough to narrow down between thousands/millions of users compared with a password.

For immediate release.Slashdot, USA. A new online authentication system called Dynaface could make logging in to websites a little easier. With Dynaface, users simply identify their own face, instead of entering a cryptic password or buying a biometric device to scan their fingerprints. The user's sample photographs are made under a variety of hair styles and lighting conditions, since the shape and other characteristics of a person's face are harder for an outside party to recognize than hair and lighting

There is no improvement here over biometrics or other credentials falling into the “something you are” category. How do you revoke this credential? How do you limit its scope? I would even argue this is worse than a password because it is not easily changed, and worse, your signature is very public. Consider how many documents you have floating around with your hand-written signature on it. You really want to use something that can be learned and easily reproduced as a secret? Nonsense. We need real solutions (OpenID [wikipedia.org] is a start), not rehashes or regressions of old schemes.

Half the replies so far assume that you have to supply a sample of your handwriting every time you log in. That's not what this system does!This system just presents a few lines of handwriting, and invites you to choose the correct one. A useless system, basically reducing security to a 1-in-10 guess. This is supposed to be developed by a university?

You know the motto of most university researchers, don't you? publish or perish
Most researchers at universities are not mentally capable of producing high-impact theories like those of Einstein, so they end up writing nonsense every day and trying to publish as much as they can to keep their salary going.
Also note that most university researchers outside the US are in fact government employees.

My signature is worse than the worst doctor's handwriting that you can imagine. In 8th grade, when reports were still mostly handwritten, my teacher insisted I started printing because my cursive was atrocious. Printing wasn't much better. I'm very happy to do everything electronically now.My signature is never the same twice because I just write too fast and too frantically. Handwriting analysts would have a conniption trying to determine if my signature was real or forged. A security program would do

Having worked with forensic handwriting analysts, I suspect you would be surprised. It turns out to be non-trivial to intentionally alter your handwriting so completely they can't recognize it as yours with enough confidence to have probitive value (given, of course, an adequate sample of known origin). The odds of your natural handwriting being so obscure it's impossible to validate are really very low.

While I don't like this for security purposes, but if this is 100% accurate we are one huge step forward in the art of OCR. As a Project Gutenberg volunteer, I can't wait for the day when I can scan something and OCR will get it 100% correct. 1 l 0 O etc.

Just make an institution that wants to verify you, send you cut-outs of faces of several hundreds of family pictures that you've taken over the years. The pictures should be analog and old, so that they won't have been on a facebook-like site. Also, have them make you write a random story, in pen, the individual sentennces of which will be presented back to you. Mix everything up with everything else, distort a little, and present back to the user when they want to log in. Postfix with user-chosen passw

Well, I can't write. I did my degree before they had word processors (or at least before they were ubiquitous) and for that I learned to handwrite and then immediately forgot. When I want to write 'CAT' I have to think about how I'm going to make the A -- sometimes I make it an upside down U with a line, sometimes it's more like a capital delta. I know I'm not alone(*).My wife has a much worse problem, though. She was taught to write according to an exact model, with iron-hard discipline and years of tr

Everyone has its own little perks, if I write too fast I have the same problems; I tend to forget letters and the entire handwritten thing is to put on the open fireplace. If I relax, take deep breaths and tend to do my own speed of writing, everything will be more right than whenever I put any speed on it.I even get a "doctors signature" whenever I write too fast rendering the entire text only readable by me and some other freaky goons who shouldn't be able to read that in the first place;)

Let's see, not content with excluding only the blind, they have also decided to exclude those who can't use their hands, those with a more or less random tremor, and those of us who never write anything quite the same way twice.

They should try MY new authentication scheme. It displays a randomly generated question and based on your answer chooses exactly which insulting message to return before refusing access. Nobody will ever break in! It excludes everyone equally so you don't face a discrimination suit

You can't afford to be careless regarding the password coz you never know...

And with that, I stopped reading. Why? Because I don't have enough time to read things that aren't written in at least passable English. If someone has a good idea, and are serious about it, they'll make the effort to communicate it well or have it communicated well for them.

Nothing to see in this article, and, by strong implication, a worthless idea.

This really sounds like a rather useless toy solution, since its easily cracked by brute force or if they make it secure enough to not be crackable, it would be a hell of a lot more uncomfortable then a real password.Anyway, I think the real solution is much easier and already half the way implemented: Email!

On almost each and every side where you login with a password, you have to register your email address. If you lose your password, you let yourself send a new one via email. So in reality there is only

I see a few sarcastic and funny comments about/. geeks no longer knowing what handwriting is. But there is a phenomenon that I experienced, that I was always curious about.I was an early Palm adopter, and learned Graffiti. I used it heavily for taking all my notes, appointements, and such. Found I didn't use paper much any more.

And when I did finally use paper on the odd occasion, I found my handwriting tended towards Graffiti-esque scribblings, than traditional handwriting... It wouldn't have been so

I could quite easily recognize my own...But so could anyone else who has ever seen it. Then there are those people with bland, unmemorable handwriting...How would you pick your handwriting out of a crowd when your handwriting looks like handwriting is supposed to look.Additionally, the number of samples would have to be constrained to what a normal person could be expected to go through, so the odds of someone being able to guess it are huge. I mean, I could set my password to the crappy "Guess,15" and it w

Are there really people that dumb or unfamiliar with their own writing?

I cannot. Or rather, I cannot to the degree of speed and reliability that I type. The only things I ever write by hand are checks. Heck, I tried to write in cursive recently and realized, with the exception of my signature, which is all muscle memory, I don't know any of the capitals.

When's the last time you tried to record something on paper using a pen for

When's the last time you tried to record something on paper using a pen for your own reading later?

Perhaps 2 mins ago. I don't produces pages of hand writing, but I
take notes and annotate all the time. I can't imagine anyone in a
desk job, or practically any job, not having to do this reasonably
frequently.
I think a lot of the problems people may have about this proposed
system is to do with the demise of cursive writing. And when I
say cursive I means straight-forward mixedcase handwriting. Not
the biz